EP4389445A1 - Security element with protective holographic security feature - Google Patents

Abstract

The invention relates to a security element (1) comprising a data carrier (5) with a detectable first security feature (310) in which a first piece of information is stored, and the data carrier (5) comprises a storage layer (511) in which at least a second detectable security feature (320) is holographically stored, wherein the second security feature (320) stores a second piece of information that can be derived from the first piece of information, wherein the second piece of information is a machine-readable pattern (250). The invention further relates to a method for producing such a security element (1), a verification method and a verification device (1300).

Description

The invention relates to a security element with a hologram, which protects information stored in the security element against forgery.

Furthermore, the invention relates to a verification method and a verification device as well as a manufacturing method.

Security elements are physical objects that have at least one security feature that is intended to protect the security element against imitation, counterfeiting, manipulation and the like. Security elements can be, for example, driving licenses, passports, visas, identity cards, banknotes, bank cards, credit cards or the like. In addition, security elements are also physical components that are inserted into the first-mentioned security elements, for example. A security element can therefore be a security thread, a patch, a lamination body, a hologram film or the like.

With security elements such as ID cards, there is a great interest in protecting the information stored in them against manipulation and forgery. This applies in particular to information that is referred to as individualizing or personalizing information. Individualizing information is information that individualizes the corresponding security element compared to other similar security elements. Such individualizing information is considered personalizing if it can be assigned to a person to whom the security element itself is assigned. In the case of an identity card or passport, for example, this is the information that belongs to the person for whom the passport or identity card is issued.

It is known from the state of the art that holograms as security features require increased forgery or manipulation effort. Holograms have therefore been used as security features in security elements for a long time. A hologram is the storage of information in structures whose characteristic size and/or distances are in the range of the wavelength of light. In this case, light is not only visible light, but also electromagnetic radiation from the adjacent Wavelength ranges such as the infrared wavelength range and the UV wavelength range.

Holograms can generally be classified according to different criteria. A key distinction is between thick and thin holograms. While in thin holograms the layer in which the holographic information is stored is of the same order of magnitude as the wavelength with which the hologram can be reconstructed, in thick holograms the volume range in which the holographic information is stored is significantly larger than the wavelength with which the hologram can be reconstructed. Thick holograms are therefore also referred to as volume holograms.

Volume holograms are characterized, for example, by the fact that they exhibit high angular selectivity and wavelength selectivity with regard to reconstruction. This means that the direction from which the reconstruction light must be irradiated for reconstruction and its wavelength are strongly limited or precisely defined. This does not apply to thin holograms. Thin holograms are known, for example, as surface embossed holograms, which are often mirrored and are included as a security feature in credit cards that are currently in common use.

In order to exploit the advantage of the improved protection against counterfeiting of a hologram and to be able to protect and secure information that is stored in a security element using other methods and/or in other ways, it is known to include this other information in the hologram. For example, German personal documents such as identity cards and passports contain a printed, often even color-printed portrait image and an additional holographic storage layer in which a copy of the portrait image coded in grayscale is stored. This copy can be detected, for example, when light of a suitable wavelength, in the case of German personal documents in the green wavelength range, hits the security document at 45°, at 90° to the surface. The angles of the irradiation of the reconstruction light and the detection or observation direction are referred to as reconstruction geometry. Together with the information on the light wavelengths used or used, these are referred to as Reconstruction conditions or reconstruction condition. In addition, further information is encoded in alphanumeric characters in the hologram of German personal documents, which is also stored a second time, ie redundantly, in the personal document by means of printing and/or laser engraving, ie a permanent material change due to laser radiation.

For the production of an individual volume reflection hologram in series production, in some embodiments in the prior art a master is used, as for example in the EP 0 896 260 A2 is described. There, a device is described for producing volume holograms from a master hologram of a ground glass screen, which is recorded with one or more wavelengths and one or more reference angles. With the master hologram of the ground glass screen, stereoscopic and colored individual holograms can be produced using the contact copying process. The device described has a radiation source for laser radiation for irradiating a master hologram and a film. So that holograms containing various information can be produced in a simple manner, a modulation device, a so-called spatial light modulator (SLM), in particular a liquid crystal display (LCD) or an LCoS (Liquid Crystal on Silicon), is present to modulate the coherent laser radiation.

Security elements in the form of identification documents such as passports and identity cards are used to determine and verify the identity of people. Recently, verification is often carried out via electronic media. This is known, for example, as a video identification process. A person's identity is verified in a video call, where video data is transmitted in addition to audio data. Image data from the passport or identity card is transmitted to an institution or person who is supposed to confirm the identity of a person. A number of security features, such as tactile security features, but also security features dependent on the direction of view or the direction of capture, cannot be verified at all or only with difficulty using such processes. The difficulty for holograms is that, if they are flat, they often cannot be captured over their entire surface at the same time during image data capture and transmitted in such a way that they, in particular in the case of a flat portrait image, it can be compared with the portrait image next to it or partially superimposed on it.

The invention is therefore based on the object of creating a security element which enables good or improved protection of information that is easy to record in the security document and is at the same time easy to verify.

The invention is achieved by a security element with the features of patent claim 1, a method for producing the security element according to claim 10, a verification device for a security element according to claim 15, a method for verifying the security element according to claim 16 and computer programs according to claim 17. Advantageous embodiments of the invention emerge from the subclaims.

The invention is based on the idea of encoding the securing information and storing it in the security hologram in such a way that it can be evaluated easily and reliably by machine. In this case, at least one piece of information that is stored in the security element in another way is stored in coded form as a hologram in the security element. During verification, the first information and the coded second information are first extracted and prepared for comparison in such a way that either the first information is coded in the same way as the second information was during production and the coded first information is compared with the extracted second information, or alternatively the second information is decoded and the decoded second information is compared with the first information. If a match is found in one of the two alternative methods, the corresponding security element is marked as genuine. If, on the other hand, a disparity is found, the security element is marked as fake. The verification result can then be used, for example, to automatically trigger further technical processes, such as access control.

Definitions

Coding or coding is understood here as the translation of information into another representation. In addition, coding can also mean the encryption of the Information. Encryption is a transformation in which one piece of information is converted into a second piece of information using another piece of information, which is called a key, and the transformation and reverse transformation is only possible with knowledge of another piece of information, ie the key.

Preferred embodiments

In particular, the invention provides a security element comprising a data carrier with a detectable first security feature in which a first piece of information is stored, and wherein the data carrier comprises a storage layer in which at least a second detectable security feature is holographically stored, wherein the second security feature stores a second piece of information which can be derived from the first piece of information, wherein the second piece of information is a machine-readable pattern.

• Empfangen einer ersten Information;
• Codieren der ersten Information, um als Ergebnis der Codierung eine zweite Information zu erhalten;
• Bereitstellen oder Herstellen eines Datenträgers, der zumindest eine holografische Speicherschicht umfasst,
• holografisches Speichern der zweiten Information in der Speicherschicht mittels eines zweiten Sicherheitsmerkmals als maschinenlesbares Muster und Speichern der ersten Information in dem Datenträger mittels eines ersten Sicherheitsmerkmals.

Furthermore, the invention provides a method for producing a security element, which comprises the steps:

• Receiving initial information;
• encoding the first information to obtain a second information as a result of the encoding;
• Providing or producing a data carrier comprising at least one holographic storage layer,
• holographically storing the second information in the storage layer by means of a second security feature as a machine-readable pattern and storing the first information in the data carrier by means of a first security feature.

• Empfangen digitaler Bilddaten des Sicherheitselements;
• Extrahieren einer ersten Information aus einem ersten Teil der digitalen Bilddaten, die das erste Sicherheitsmerkmal abbilden, und Extrahieren der zweiten Information aus einem zweiten Teil der Bilddaten, die das zweite Sicherheitsmerkmal abbilden, Ausführen eines Codierschrittes zum Erzeugen eines Codierergebnisses, wobei entweder die erste Information codiert wird, so dass das Ergebnisergebnis die Codierung der ersten Information ist oder die zweite Information decodiert wird, so dass das Codierergebnis die Decodierung der zweiten Information ist,
• Ermitteln eines Vergleichsergebnisses, wobei das Codierergebnis mit der zweiten Information vergleichen wird und deren Gleichheit oder Ungleichheit angibt, wenn das Codierergebnis die Codierung der ersten Information ist, oder das Codierergebnis mit der ersten Information vergleichen wird und deren Gleichheit oder Ungleichheit angibt, wenn das Codierergebnis die Decodierung der zweiten Information ist, und Ausgeben eines Verifikationsergebnisses, wobei das Verifikationsergebnis das Sicherheitselement als echt kennzeichnet, wenn das Vergleichsergebnis eine Gleichheit angibt und als nicht echt kennzeichnet, wenn das Vergleichsergebnis eine Ungleichheit angibt.

A verification procedure is also created, which includes the following procedural steps:

• Receiving digital image data of the security element;
• Extracting a first piece of information from a first part of the digital image data depicting the first security feature, and extracting the second piece of information from a second part of the image data depicting the second security feature, carrying out a coding step for generating a coding result, wherein either the first piece of information is encoded so that the result represents the coding of the first information or the second information is decoded so that the coding result is the decoding of the second information,
• Determining a comparison result, wherein the coding result is compared with the second information and indicates their equality or inequality if the coding result is the coding of the first information, or the coding result is compared with the first information and indicates their equality or inequality if the coding result is the decoding of the second information, and outputting a verification result, wherein the verification result identifies the security element as genuine if the comparison result indicates equality and identifies it as not genuine if the comparison result indicates inequality.

• eine Extraktionseinheit, welche ausgebildet ist, Bilddaten des Sicherheitselements zu empfangen und die erste Information aus dem ersten Sicherheitsmerkmal und eine zweite Information aus dem zweiten Sicherheitsmerkmal zu extrahieren;
• eine Codiereinheit zum Erzeugen eines Codierergebnisses, wobei das Codierergebnis entweder die Codierung der ersten Information ist oder die Decodierung der zweiten Information ist;
• eine Vergleichereinheit zum Erzeugen eines Vergleichsergebnisses, wobei die Vergleichereinheit ausgebildet ist, das Codierergebnis mit der zweiten Information zu vergleichen, wenn das Codierergebnis die Codierung der ersten Information ist, oder das Codierergebnis mit der ersten Information zu vergleichen, wenn das Codierergebnis die Decodierung der zweiten Information ist; und eine Verifikationseinheit zum Ausgebgen eines Verifikationsergebnisses, wobei das Verifikationsergebnis das Sicherheitselement als echt kennzeichnet, wenn das Vergleichsergebnis eine Gleichheit angibt, und als nicht echt kennzeichnet, wenn das Vergleichsergebnis eine Ungleichheit angibt.

In addition, a verification device is created which comprises:

• an extraction unit configured to receive image data of the security element and to extract the first information from the first security feature and second information from the second security feature;
• an encoding unit for generating an encoding result, the encoding result being either the encoding of the first information or the decoding of the second information;
• a comparison unit for generating a comparison result, wherein the comparison unit is designed to compare the coding result with the second information if the coding result is the coding of the first information, or to compare the coding result with the first information if the coding result is the decoding of the second information; and a verification unit for outputting a verification result, wherein the verification result identifies the security element as authentic if the comparison result indicates equality, and as not authentic if the comparison result indicates inequality.

Furthermore, a computer program is created with program code for carrying out all method steps of the verification method when the computer program is executed in a computer.

Furthermore, a computer program with program code stored on a machine-readable data carrier is created for carrying out the verification method when the program code is executed in a computer.

The various embodiments of the invention all offer the advantage that the coding of the first information is linked to a second information, which is a machine-readable code, which significantly improves the detection using image data.

A machine-readable code is considered to be a code that is specifically designed for detection by a machine device. This refers to codes that are designed in such a way that they make imaging errors such as distortions and/or imaging errors in the form of partial damage or similar recognizable and correctable. In particular, this includes barcodes referred to as one-dimensional codes, although they have a two-dimensional extension, as well as two-dimensional codes such as QR codes or similar. These offer the advantage that they make image distortions easily recognizable due to specifications associated with the respective code, such as standardization regulations, and such "imaging errors" can be detected and corrected using appropriate pattern recognition software before the content encoded in the pattern is decoded. In addition, machine-readable codes preferably have at least one error correction method, such as a checksum, or other methods that enable the correction of one or more errors due to incomplete or slightly incorrect detection. While check digits only make it possible to verify that the data has been entered correctly, error correction procedures make it possible to record the information completely correctly despite individual errors in parts of the pattern.

The invention is significantly improved if the coding includes encryption. This can prevent the machine-readable feature from being easily generated by counterfeiters. If, for example, the key required for encryption is kept secret, the machine-readable pattern from the first information cannot be encoded by counterfeiters. This makes counterfeiting significantly more difficult. If an encryption method with secret information, i.e. with a key, is used, verification is only possible by those people or entities who know the key.

A further improvement, especially with regard to the user applications of the novel security element, can be achieved if the encryption method which is carried out during coding is a so-called asymmetric encryption method. This refers to encryption methods that have two related keys. One key is used to encode the information and the other key is used to decode it. In such an embodiment, it is possible, for example, to encode the second information with a first secret key when producing the security element. The second key required for decoding can be made public and enables verification in such a way that it can be checked whether the information stored in the pattern after decryption matches the first information stored in the security element in the first security feature.

A preferred embodiment of the invention thus provides that the second information comprises an encryption of the first information, in particular the second information is asymmetrically encrypted.

A corresponding development of the method thus provides that the coding comprises an encryption, so that the second information comprises an encryption of the first information, in particular the first information is encrypted asymmetrically.

The method for verification is thus further developed in that the coding step comprises a cryptography step and the coding comprises an encryption and the decoding comprises a decryption.

One embodiment of the verification device provides that the coding unit is a cryptography unit and that the coding comprises an encryption and the decoding comprises a decryption, in particular by means of an asymmetric encryption method.

In particular, an asymmetric procedure offers the advantage that although verification, i.e. checking the authenticity, is possible because the second information can be decrypted and compared with the first information, no correct second pattern can be generated from a known first information. This is reserved for the institution that has knowledge of the secret key, which is usually the issuer and/or manufacturer of the security elements. However, it is also possible that the "public key" is not is not made public, but is only made available to institutions responsible for checking and verification, possibly in another encrypted form, so that, for example, the verification process can be carried out by means of a computer program, but counterfeiters who do not have access to this protected computer program or a verification device are not even able to decode and thereby decrypt the second information stored in the machine-readable pattern.

If the issuer and producer of the security elements, when using an asymmetric encryption method, still wants to make decoding and decryption possible for a broad public and, if necessary, also wants to use different key pairs consisting of a public and a secret key, it is advantageous if a public key with which the second information can be decrypted is stored in the security element.

In particular, if different key pairs are used for otherwise similar security elements, it is very advantageous to store the public key in the respective security document. In order not to make the public key for decrypting the machine-readable pattern generally public, it can also be encrypted using a different method, i.e. with other keys or key pairs.

Particularly preferably, the first piece of information used is information that is individualizing for the security element, particularly preferably personalizing. Biometric information is particularly suitable for this. Biometric information can be any biometric information. Particularly suitable are an eye distance, a nose length, relationships of certain dimensions in the portrait image or fingerprint patterns or similar. The first piece of information can thus be stored directly in the portrait image in its representation, for example. The eye distance or a nose length can be extracted from image data by corresponding pattern recognition programs, as are known in the prior art. Since the non-holographic information of the security document can usually be recorded over the entire surface, these programs can usually calculate out imaging errors such as distortions and the like without difficulty. It is therefore possible to print a feature that clearly identifies a person, the portrait image, on to secure it in a simple manner, ie to directly secure information stored in the portrait image using the holographically stored machine-readable pattern.

A preferred embodiment of the security element thus provides that the first information is personalizing information, in particular biometric information.

A particularly high level of protection of the holographic feature is achieved if the second information is or will be stored as a volume hologram. This means that the second security feature is preferably designed as a volume hologram. While surface holograms can be produced by embossing, exposure to coherent light is required to produce volume holograms in order to form the corresponding hologram. The effort is therefore significantly increased. In addition, versions with volume holograms are possible, which have a high diffraction efficiency and are therefore easy to capture in image data.

In a preferred embodiment of the invention, the second information is designed as a two-dimensional pattern with at least two types of pattern elements, wherein the pattern elements of one type produce a uniform optical impression in the image data captured during the reconstruction during the holographic reconstruction and different types of pattern elements produce different optical impressions in the image data captured during the reconstruction during the reconstruction. This includes binary patterns, such as QR codes. In one embodiment, one type of pattern element can thus be assigned the diffraction efficiency 0. Such a pattern element corresponds to a location area in the reconstructed pattern that shows no light effect in the image data. The other type of pattern element is assigned location areas that show a bright light effect in the image data.

In other embodiments, a binary two-dimensional pattern can comprise pattern elements that all have a diffraction efficiency other than zero. Some pattern elements preferably have a diffraction efficiency of at least 10%, but no more than 30%, and the other pattern elements have a diffraction efficiency of at least 60%, preferably more than 70%. Preferably, the bright pattern elements are at least "twice as bright", preferably at least "three times as bright" as the dark pattern elements. Such a two-dimensional machine-readable pattern is thus a bright area in the image data, but one that exhibits brightness fluctuations or variations. Such a security feature is more difficult to forge and replicate.

However, embodiments are also possible in which not only two types of pattern elements, but several types of pattern elements are used, which differ, for example, in terms of the diffraction efficiency, i.e. the brightness of the pattern elements, in the reconstructed image of the holographically stored pattern. This is comparable to grayscale values when storing photographic data using a printing process.

In addition, even better secured and more difficult to imitate patterns can be produced by storing different types of pattern elements in the volume hologram using different wavelengths. For example, individual pattern elements can produce a green color impression, whereas other pattern elements produce a red color impression. In addition, several "red" types of pattern elements and several "green" types of pattern elements can exist, each of which differs from the other in terms of diffraction efficiency, which is reflected in the brightness of the pattern elements generated in the image data. The effort required for counterfeiting is significantly increased. The possibility of information being encoded in a pattern is also significantly increased. This means that a greater variety of information can be stored on the same surface or with the same number of pattern elements in the stored holographic pattern. While two different pieces of information can be stored in one pattern element with two types of pattern elements, three different pieces of information can be stored in one pattern element if three types are used. The information content is increased accordingly by the number of pattern elements.

According to one embodiment of the invention, the pattern elements are preferably intensity-modulated surface areas, each of which holographically stores a surface area of a planar scatterer or a mirror.

A particularly high level of security is achieved if the first information is also stored or will be stored holographically in the storage layer. In this case, the security element can be a holographic film in which, for example, both the portrait image is stored as a color-graded image, for example with green pixels that have different diffraction efficiencies, and at the same time the machine-readable pattern is stored in the same hologram film spatially offset or even partially or completely superimposed. Completely or partially superimposed in this case means that in the area in which the two-dimensional pattern that stores the second information is formed, no information from the security feature storing the first information is formed. Information is assumed to be partially superimposed or completely superimposed because it is partially or completely arranged in the otherwise rectangular or square area in which the first security feature, e.g. the portrait image, is formed.

In other embodiments in which the first information is formed by means of the first security feature in a layer other than the storage layer of the hologram, for example printed on the hologram layer, there can be a true partial or complete overlay in which parts of the security feature that stores the first information are formed in the same surface area of the security element as the machine-readable pattern. This increases the security of the first security feature to be secured.

In an even more secure form of the security element, it is provided that a third security feature is stored in the data carrier, which stores either the first information or the second information redundantly in the data carrier a further time, wherein the storage methods with which the third security feature is formed or stored differ from the method with which the redundantly stored first information is formed or stored by means of the first security feature or the redundantly stored second information is formed or stored by means of the second security feature. This makes embodiments possible in which, for example, a portrait image is printed once in the security element, for example by means of a colored inkjet print, once as a mono-colored or even full-color portrait image of the volume hologram and additionally as monochromatic or polychromatic machine-readable pattern is or is stored.

It is understood that the verification method in such embodiments can be expanded to the extent that a match between the first information and the third information or the security features with which the first information and the third information are stored in the security element can be carried out in addition to the check of whether the second information encoded in the machine-readable pattern matches the first information stored in the first and third security features. The effort required to manipulate a security element is thereby increased enormously and counterfeits become easier to detect.

A further increase in the security against counterfeiting and thus higher security is obtained in an embodiment in which the two-dimensional pattern comprises a plurality of different types of pattern elements, wherein the plurality of types of pattern elements comprises pattern elements which reconstruct at different wavelengths and, for at least one of these different wavelengths, comprise types of pattern elements which have different diffraction efficiencies.

Preferably, the plurality of pattern elements for each of the different wavelengths comprises different types of pattern elements which differ in terms of diffraction efficiency.

Preferably, for at least one of the different wavelengths at which types of pattern elements of the plurality of pattern elements are reconstructed, preferably for all different wavelengths, there are in each case at least two types of pattern elements whose diffraction efficiency differs by at least 10%. Other embodiments may provide a larger difference of at least 25% or even 50%.

This also results in an increase in information density, i.e. the amount of information that can be stored with a given number of physically formed pattern elements.

Preferably, at least two of the different wavelengths, preferably all of the different wavelengths, are in the optically visible wavelength range. This makes reconstruction possible with white light that has a continuous spectrum, such as sunlight. Volume reflection holograms have sufficient wave selectivity that the different colors corresponding to the different reconstruction wavelengths can be recognized or detected by a human observer or a color camera system.

In another embodiment, the reconstruction wavelengths of all the different types of pattern elements of the pattern are in the non-visible wavelength range. This creates a covert security feature.

In a further development, the pattern of the second security feature is formed from different types of pattern elements which do not reconstruct with wavelengths of visible light and are spatially superimposed on the first security feature in such a way that at least part of the detectable first information is stored in relation to a planar extent of the security element at the same position as pattern elements of the pattern of the second security feature.

Preferably, the first and second security elements are detected optically.

Fig. 1

eine schematische Darstellung eines als Ausweisdokument ausgebildeten Sicherheitselements;

Fig. 2

eine schematische Darstellung einer Vorrichtung zur Herstellung eines Sicherheitselements;

Fig. 3

eine weitere schematische Darstellung einer anderen Ausführungsform zur Herstellung eines Sicherheitsdokuments;

Fig. 4

eine schematische Darstellung eines Systems zur Verifikation eines Sicherheitselements;

Fig. 5

eine schematische Darstellung eines Ablaufdiagramms eines Verifikationsverfahrens; und

Fig. 6

eine schematische Darstellung eines weiteren Sicherheitselements.

The invention is explained in more detail below with reference to a drawing.

Fig.1

a schematic representation of a security element designed as an identification document;

Fig.2

a schematic representation of a device for producing a security element;

Fig. 3

a further schematic representation of another embodiment for producing a security document;

Fig.4

a schematic representation of a system for verifying a security element;

Fig.5

a schematic representation of a flow chart of a verification procedure; and

Fig.6

a schematic representation of another security element.

Fig.1 shows a schematic of a security element 1. The security element is designed as a data carrier 5 in the form of a security document 10 designed as an ID card. Individualizing data 20 are stored in the security element 1. These include, for example, an ID number 30, a validity date 110 and an identifier 130, which can be, for example, a public key 350 of a key pair for asymmetric encryption. Personalizing data 40 are stored in the security element 1 as further individualizing data 20. These include a portrait image 50, preferably printed in color, a name 60, a first name 70, a date of birth 80, a nationality 90, a place of birth 100 and an image of the signature 120. The various personalizing data 40 can be printed, as mentioned for the portrait image, or stored in any other way in the security element. For example, these can be stored using laser marking through permanent conversion of substrate material, for example from transparent plastic to blackened plastic. In addition, some or all of the data created using laser marking can also be captured tactilely.

In addition to the individualizing data 20, the security element 1 also contains general security features 150. Of these, a security print 160 and a national symbol 210, here in the form of an eagle, are mentioned here as examples. The national symbol 210, which is reconstructed using red light, for example, is preferably designed as a three-dimensional volume hologram which shows parallax effects, i.e. changes its appearance when the viewing direction changes. This means that the three-dimensional shape of the eagle is stored in the hologram. In addition, as a further holographic feature 200, the security element 1 contains a two-dimensional machine-readable pattern 250. In the embodiment shown, this is designed as a QR code. The machine-readable pattern 250 is a two-dimensional pattern 251. The two-dimensional pattern 251 consists of pattern areas or Pattern elements 252, 253 that either reconstruct brightly (252) or do not reconstruct (253) and thus appear dark. In the embodiment shown, the pattern is thus formed using binary pattern elements 252, 253. Other embodiments can provide that the individual diffracting pattern elements have different diffraction efficiencies and thus different brightness values. For example, the machine-readable pattern reconstructs with light in the green wavelength range. In a preferred embodiment, the machine-readable pattern stores a second item of information that is derived from a first item of information stored in a first security feature 310 in the security element. For example, the preferably color-printed portrait image represents the first security feature 310, in which an eye distance 52 is stored in the security element 1 via a representation of eyes 51. The holographically stored machine-readable pattern 250 as the second security feature 320 includes this first information, namely the eye distance as coded second information. Particularly preferably, an asymmetric encryption is carried out so that the shape of the machine-readable pattern cannot be generated by a forger even if the eye distance 52 is known.

In other embodiments, the first information can be printed in the portrait image using a color composition that is not perceptible when illuminated with light in the visible wavelength range, but shows luminescence, in particular in the visible wavelength range, when excited with light in the non-visible wavelength range, in particular in the UV range or in the IR range. It is also possible to print this first information with a printing preparation in such a way that it reveals the same information when excited in the UV wavelength range as well as in the IR wavelength range. For this purpose, the printing preparation uses both a dye that luminesces when excited with UV or a pigment that luminesces when excited with UV, as well as an IR-excitable dye that shows up-conversion or an IR-excitable pigment. This information can be a fingerprint pattern, for example, or it can also include other biometric data or non-biometric personalizing data.

In Fig.2 5 shows an example of a device for producing a security element. The device 500 comprises a hologram exposure unit 600. This has a coherent light source 610 and optionally further coherent light sources 615. A spatial light modulator 620 is arranged in the beam guide between the coherent light source 610 and a hologram master 630. This is linked to a control device 700. The control device 700 is designed, for example, as a computer 710 with an input 720 for receiving data 720 for individualization and personalization. The hologram exposure device 600 is controlled via this computer 710. To produce the security element, a photosensitive layer 510 is provided and brought into contact with the hologram master 630, which in the embodiment shown is designed, for example, as a hologram master of a reflection volume hologram. This comprises a hologram of a flat, homogeneously luminous reflecting area, which is an image of a diffuser or a mirror. The spatial light modulator 620 is controlled in such a way that, for example, individual areas of the hologram master representing the homogeneously luminous surface are exposed and thus copied into the photosensitive layer 510 and other areas are not illuminated and thus are not reconstructed and copied. The result is the binary machine-readable pattern, as it is shown, for example, in Fig.1 as a second security element 320 in the form of the holographically stored machine-readable pattern 250 of the. Alternatively, the intensity selected for the exposure of the individual pattern elements 252, 253 can be changed via the spatial light modulator, so that pattern elements 252, 253 with different brightness appear in the machine-readable pattern. In addition to the one coherent light source, a further coherent light source 615, which has a different light wavelength, can be used to either create other holographic elements, such as the holographically stored pattern 250 in Fig.1 drawn national symbol 210, with the aid of the hologram master 630, in which the national symbol is stored as a hologram for the other wavelength. For this purpose, the light from the further coherent light source is generally not guided via the spatial light modulator 620. In other embodiments, however, it can be provided that the machine-readable holographic pattern comprises pattern elements that reconstruct at different wavelengths and that the light from the further coherent light source 615 is also guided at least partially via the spatial light modulator. It is also possible to use a second spatial light modulator (not shown) for the light from the further coherent light source 615. Other embodiments can provide even further coherent light sources for even further wavelengths and, if necessary, light from spatial light modulators.

After the machine-readable pattern is stored in the storage layer 511 in the form of the photosensitive layer 510, in the embodiment shown the first information is printed onto the fully developed and fixed photosensitive layer 510, for example by means of a printing device 800. The first information is stored here by means of a first security feature 310, which can be an alphanumeric print, a print made using luminescent colorants and/or a color print, for example in the form of a portrait image. The first information can also be formed and stored in the first security feature by means of other methods, for example via a classic laser marking, i.e. via a partial carbonization of substrate layers, or the like.

In Fig.3 A further embodiment of a device for producing a security element 1 is shown. The same technical features are provided with the same reference numerals in all figures and will not be described separately again. In the embodiment according to Fig.3 In addition to the photosensitive layer 510, a further substrate layer 520, for example a plastic layer, is provided and printed with the first security feature, which stores the first information, at the same time or at a time offset from the holographic exposure of the photosensitive layer 510. The substrate layer 520 and optionally further substrate layers are then brought together with the photosensitive layer 510 and connected to one another in a lamination process by means of a lamination device 900. Adhesives can be used here. Other embodiments provide that the photosensitive layer 510, which can also be a layer composite, is joined to the at least one substrate layer 520 to form a lamination body without the use of an adhesive. Such a lamination body is also referred to as a data carrier 5, since data is stored in it. The printed photosensitive layer 510, which according to the embodiment according to Fig.2 represents a data carrier 5.

While the embodiment according to Fig.2 produces a security element 1, which is usually a preliminary product for the production of an identity document or other security or valuable document, is provided with the device according to Fig.3 preferably a security element 1 as a finished security document 10 in the form of a Lamination body is manufactured. It is clear to the person skilled in the art that the device 500 can contain further devices that insert further security features and security elements, and that even after the lamination body has been manufactured, further process steps can be carried out, such as laser engraving and/or electronic personalization by storing information in an electronic data storage device laminated into the security document. The first information can also be stored, for example, in such an electronic chip in a security element designed as a security document.

In Fig.4 a verification system 1000 for verifying a security element 1 is shown schematically. In the embodiment shown, the verification system comprises an image data acquisition device 1100, a verification apparatus 1300 and an access barrier 1400. The image data acquisition device 1100 comprises a camera 1150. This is designed to capture diffracted light 1120 for capturing the second security element 320 and additional security elements visible in visible light, such as the first security element 310, when reconstruction light 1110 of a suitable wavelength is irradiated onto a security element 1 at a predetermined reconstruction angle. The reconstruction light can be provided by a light source 1130, which generates white light, for example, when the second holographically stored second security feature 320 is stored as a volume hologram. However, the light source 1130 can also be designed as a laser. The image capture device 1100 can also comprise an excitation source 1140 in the form of a UV lamp or the like in order to make luminescent components of the first security element 310 detectable. The image data capture device provides image data 1200. The verification device 1300, which is designed, for example, as a computer 1305 with a computing device 1310, a storage device 1320 and has a program code 1330 stored in the storage device, has an input 1340 for receiving the image data 1200. An extraction unit 1350, a coding unit 1360, which optionally comprises a cryptography unit 1365, a comparison unit 1370 and a verification unit 1380 are realized by means of the program code that is executed on the computing device 1310.

The extraction unit is designed to extract a first piece of information from the image data, for example an eye distance from the portrait image, which represents a first security feature, and the machine-readable pattern as a second piece of information. In one embodiment, the coding unit 1360 decodes the machine-readable pattern. This produces a coding result which, in the case of a genuine security element, should be equal to the first piece of information extracted from the first security feature by the extraction unit 1350. This is, for example, the eye distance. The comparison unit 1370 then compares, for example, the first piece of information with the decoded second piece of information and determines whether there is equality or inequality. Based on the comparison result, the verification unit 1380 determines a verification result which is fed via an output unit 1385, for example to an output 1388. The output unit can also output a pictorial representation of the result. In the illustrated embodiment of the verification system 1000, an access lock 1400 is linked to the output 1388, which, for example, enables or blocks access to a protected area depending on the verification result. The verification result can also be output, for example, as a signal, which can be further processed.

As an alternative to decoding the extracted machine-readable pattern, the first information can also be encoded in the same way as was done when producing the machine-readable pattern and thus compared with the second information of the comparison unit for equality or inequality.

Particularly preferably, the first information, for example the eye distance, is contained in the machine-readable pattern as second information in encrypted form. Particularly preferably, the encryption has taken place using an asymmetric encryption method. For example, the eye distance has been encrypted with a secret key and encoded in the machine-readable pattern. During verification, a cryptographic step can now be carried out when decoding the pattern, which is carried out using a publicly known key. This again gives a value for the eye distance, which can be compared with the eye distance extracted from the first security feature.

Based on Fig.5 the flow chart of a verification according to an embodiment of a verification method 2000 is explained again schematically. Optionally, the image data of the security element 2100 is captured. In this case, the hologram of the security element 1120 is reconstructed. Other embodiments can provide that only the image data already captured are received 2200. From the image data, the first information and the machine-readable pattern are extracted from the first security feature as second information 2300. A coding step is then carried out 2400 in order to derive information to be compared with the first information from the second information or to encode the first information in such a way that it is comparable with the second information.

In a preferred embodiment, a cryptography step is carried out here 2410. In particular, the second information, which is preferably an encryption of the first information generated using an asymmetric encryption method, is decrypted using a publicly known key. The first information is then compared with the coding or cryptography result 2500. A verification decision is then made depending on whether or not an equality between the coding or cryptography result and the originally extracted information is determined 2600. Finally, the verification decision is output 2650. In some embodiments, the verification result is then additionally processed automatically, for example via an access control at a personal lock or the like 2700.

In Fig.6 A further embodiment of a security element 1 in the form of a security document 10 designed as an ID card is shown. Technically identical features to the embodiment according to Fig.1 are not explained again. The embodiment differs from that according to Fig.1 in particular in that the portrait image 50, which is printed on the one hand, is additionally stored as a holographic portrait image 260 in light/dark or brightness levels. The holographically formed machine-readable pattern 250 is additionally formed in the same storage layer, a photosensitive layer, but in a different location. This provides multiple protection for the first information, which is provided both in the first security feature 310, which is formed as a holographic portrait image, and in the third security feature 330, the printed portrait image 50, as well as in coded, preferably encrypted form, is stored in the holographic machine-readable pattern of the second security feature 320.

In a modification, the machine-readable pattern 250 of the second security feature 320 is colored. The pattern elements, which have a detectable diffraction efficiency, reconstruct at at least two different wavelengths, the light of which preferably produces different color impressions for a human observer, i.e. to which different colors are assigned. The pattern preferably has pattern elements that reconstruct at three or more wavelengths, i.e. three or more colors. This makes counterfeiting significantly more difficult and increases the information density of the storable information of the pattern.

In another embodiment, the pattern 250 comprises at least two different types of pattern elements that reconstruct at the same wavelength and each have a diffraction efficiency other than zero. Preferably, there are at least three or more different types of pattern elements that reconstruct perceptibly at the same wavelength and each have a perceptible or detectable diffraction efficiency other than zero. The pattern may additionally comprise pattern elements that do not reconstruct or reconstruct imperceptibly.

The variations described here can be made in all embodiments and combined with the other features to implement the invention.

It is understood that in addition to the encoded first information, further information in encrypted or unencrypted form can also be stored in the machine-readable holographically stored pattern.

The security element is preferably formed in a photosensitive layer or in a lamination body comprising a photosensitive layer. The photosensitive layer preferably comprises photopolymers. However, any layer can be used in which a hologram can be exposed. The other substrate layers which are formed in a lamination body with the photosensitive layer Any common substrate layer can be used for the substrates to be bonded. These include in particular polycarbonate, polyethylene, PVC, but also composite materials such as ABS, paper, cotton or similar. Any printing method can be used as the printing method. However, digital printing methods, in particular an inkjet printing method, are particularly suitable. In this case, printing inks are used in particular which are made on the basis of the plastic material on which the printing is carried out. In particular, polycarbonate layers are suitable as the substrate layer and preparations which comprise a binder with a polycarbonate derivative, preferably based on a geminal disubstituted dihydroxydiphenylcycloalkane, as are described, inter alia, in the EN 10 2008 012 423 A1 are described.

It is clear to those skilled in the art that the features described with the different embodiments can be combined as desired to form further embodiments.

Reference symbols

1

Security element

5

Data carrier

10

Security document

20

Individualizing data

30

ID number

40

Personalizing data

50

Portrait picture

51

Eyes

52

Pupillary distance

60

Surname

70

First name

80

birth date

90

nationality

100

Place of birth

110

Validity date

120

Signature

130

Identifier

150

general security features

160

Security printing (background)

200

Holographic features

210

Symbol of sovereignty

250

machine-readable pattern

251

two-dimensional pattern

252

Pattern element

253

Pattern element

260

holographic portrait image

310

first security feature

320

second security feature

330

third security feature

350

public key

500

Device for producing a security element

510

photosensitive layer

511

Storage layer

520

Substrate layer

600

Holobelighters

610

coherent light source

615

additional coherent light source

620

spatial light modulator

630

Hologram Master

700

Control device

710

computer

720

Entrance

800

Printing device

900

Lamination device

1000

Verification system

1100

Image data acquisition device

1110

Reconstruction light

1120

diffracted light (reconstructed hologram information)

1130

Light source

1140

Excitation source (e.g. UV lamp)

1150

camera

1200

Image data

1300

Verification device

1305

computer

1310

Computer setup

1320

Storage facility

1330

Program code

1340

Entrance

1350

Extraction unit

1360

Coding unit

1365

Cryptographic unit

1370

Comparator unit

1380

Verification unit

1385

Output unit

1388

Exit

1400

Access lock

2000

Verification procedure

2100

Capturing image data of a security element

2110

Reconstructing the hologram of the security element

2200

Receiving image data of the security element

2300

Extracting the first information and the second information

2400

Executing a coding step

2410

Executing a cryptography step

2500

Comparing the coding result with the extracted information

2600

Making a verification decision

2650

Issuing the verification decision

2700

Access control based on the verification result

Claims (17)

Security element (1) comprising a data carrier (5) with a detectable first security feature (310) in which a first information is stored, and the data carrier (5) comprises a storage layer (511) in which at least one second detectable security feature (320) is holographically stored, wherein the second security feature (320) stores a second information which can be derived from the first information, characterized in that the second information is a machine-readable pattern (250). Security element (1) according to claim 1, characterized in that the second information is an encryption of the first information, in particular the second information is asymmetrically encrypted. Security element (1) according to claim 2, characterized in that a public key (350) with which the second information can be decrypted is stored in the security element (1). Security element (1) according to one of the preceding claims, characterized in that the first information is personalizing information, in particular biometric information. Security element (1) according to one of the preceding claims, characterized in that the second information is stored as a volume hologram by means of the second security feature (320). Security element (1) according to one of the preceding claims, characterized in that the second security feature (320) which stores the second information is designed as a two-dimensional pattern (251) with at least two types of pattern elements (252; 253), wherein the pattern elements (252; 253) of one type produce a uniform optical impression in image data (1200) captured during the reconstruction during the holographic reconstruction and different types of pattern elements (252; 253) during the reconstruction produce different optical impressions in the image data (1200) captured during reconstruction. Security element (1) according to claim 6, characterized in that the pattern elements are intensity-modulated surface areas which each holographically store a surface area of a planar scatterer or a mirror. Security element (1) according to one of the preceding claims, characterized in that the first information is also stored holographically in the storage layer (511) by means of the first security element (310). Security element (1) according to one of the preceding claims, characterized in that a third security feature (330) is stored in the data carrier (5), which redundantly stores either the first information (310) or the second information (320) a further time in the data carrier (5), wherein the storage method with which the third security feature (330) is formed differs from the method with which the redundantly stored first information is formed by means of the first security feature (310) or the redundantly stored second information is formed by means of the second security feature (320). Method for producing a security element (1) according to one of claims 1 to 9, comprising the steps: Receiving initial information; encoding the first information to obtain a second information as a result of the encoding; Providing or producing a data carrier (5) comprising at least one holographic storage layer (511), holographically storing the second information in the storage layer (511) by means of a second security feature (320) as a machine-readable pattern (250) and storing the first information in the data carrier (5) by means of a first security feature (310). Method according to claim 10, characterized in that the coding comprises an encryption, so that the second information is an encryption of the first information, in particular the first information is encrypted into the second information by means of an asymmetric encryption method. Method according to claim 10 or 11, characterized in that the second information is stored as a volume hologram by means of a contact copying method with the aid of a hologram master (630) of a planar scatterer or mirror. Method according to one of claims 10 to 12, characterized in that the first information is also stored holographically in the storage layer by means of the first security feature (310). Method according to claim 13, characterized in that the first information and the second information are stored by means of different wavelengths. Verification device (1300) for a security element (1) according to one of claims 1 to 9, comprising: an extraction unit (1350) which is designed to receive image data of the security element (1) and to extract the first information from the first security feature (310) and second information from the second security feature (320); an encoding unit (1360) for generating an encoding result, the encoding result being either the encoding of the first information or the decoding of the second information; a comparison unit for generating a comparison result, wherein the comparison unit (1370) is designed to compare the coding result with the second information if the coding result is the coding of the first information, or to compare the coding result with the first information if the coding result is the decoding of the second information; and a verification unit (1380) for outputting a verification result, wherein the verification result identifies the security element (1) as authentic if the comparison result indicates equality and marks as not true if the comparison result indicates inequality. Method for verifying a security element (1) according to one of claims 1 to 9, comprising the method steps: Receiving digital image data (1200) of the security element (1); Extracting a first piece of information from a first part of the digital image data (1200) depicting the first security feature (310) and extracting the second piece of information from a second part of the image data (1200) depicting the second security feature (320), carrying out an encoding step for generating an encoding result, wherein either the first piece of information is encoded so that the result is the encoding of the first piece of information or the second piece of information is decoded so that the encoding result is the decryption of the second piece of information, Determining a comparison result, wherein the coding result is compared with the second information and indicates their equality or inequality if the coding result is the coding of the first information, or the coding result is compared with the first information and indicates their equality or inequality if the coding result is the decoding of the second information, and outputting a verification result, wherein the verification result identifies the security element (1) as authentic if the comparison result indicates equality and identifies it as not authentic if the comparison result indicates inequality. Computer program with program code (1320) for carrying out all method steps according to claim 16, when the computer program is executed in a computer (1305).

Images